Cryptocurrency is digital “money” that utilizes encryption techniques to regulate the issuance of units and verify their transfer. Cryptocurrency operates without the participation of a central bank or other government agency.

I have written about culture as having many facets. Auditing culture is not just about ethics, or risk-taking. It’s about behavior and what drives it. Are we, as individuals (especially when we are in a position of authority, such as any member of internal audit) doing enough?

On May 16, 2017, Bill C-30, Canada’s legislation to implement the Comprehensive Economic and Trade Agreement (CETA), a free trade agreement between Canada and the European Union, received royal assent.

Reference checks can put former employers in an awkward position. Employers want to tell the truth but may be concerned about the potential legal consequences of providing a bad reference. However, a recent case out of Ontario suggests that employers should not be afraid to tell the truth when asked to provide a reference for a former employee.

A quick reminder that pursuant to the Accessibility for Ontarians with Disabilities Act, 2005 (Ontario), Ontario private sector businesses with twenty or more employees are required to file an AODA compliance report every three years. The next deadline is fast approaching – December 31, 2017.

In order to protect their ownership of copyright, organisations whose works might be published by the government should obtain any necessary assignments or waivers, since the Crown copyright regime does not apply if there is a private arrangement with the work’s author.

Devotion to remaining within risk appetite (if you can even express one that will proactively guide decision-makers) is likely to make you risk averse – and focusing on avoiding harm is the path to avoiding success.

Any organization which acquires IT systems must do so carefully. Among other reasons, systems may be costly, they may be critical to business operations, and they may create significant risks (for example a risk of security breaches). The following suggestions will help to mitigate some of the risks associated with IT systems acquisition:

On October 31, 2017, the federal government brought into force a pending amendment to the Corruption of Foreign Public Officials Act likely to have a significant impact on many Canadian firms operating abroad. Starting on October 31, so-called “facilitation payments” – payments to low-level government officials to expedite or secure the performance of an act of a routine nature – will be illegal.

Many companies effectively minimize the risk of inappropriate gifts through stringent pre-approval requirements because a sufficiently robust and enforced pre-approval policy can reduce the number of gifts simply because of the headache of getting the pre-approval. This has the added benefit of ensuring enforcement of internal controls, largely because of the reduced volume of gifts being included in expense reports.

Following the example of the Ontario Securities Commission, the Authority implemented a whistleblower program in June 2016. Contrary to Ontario, Quebec’s program does not give financial awards to whistleblowers, but it does guarantee a framework that ensures confidentiality and protects whistleblowers against reprisals. However, no legislative amendment guaranteeing these protections has been introduced until now.

My impression is that COSO only tinkered with the draft. But, have they done enough to move practices forward, in the right direction? Will this update change the percentage of executives answering the piercing question by Deloitte, “Does risk management support, at a high level, the ability to develop and execute business strategies”, up from 13% close to 80%?

The intersection between insolvency law and labour law has long created a struggle between balancing the rights of employees and maintaining a mechanism for restructuring or liquidating distressed companies.